This spring, the Australian Government introduced legislation to expand and reform the
Privacy Act 1988. And while the Privacy and Other Legislation Amendment Bill 2024 is still working its way through Parliament, it’s never too early to take a look at your business’s policy on data collection, usage and storage.
Currently, the Privacy Act 1988 lays out a framework of 13 Australian Privacy Principles for the handling of personal information, protecting individuals by regulating how businesses and organisations collect, use, disclose, and store personal data. The pending legislation is poised to broaden the scope of the act by applying its protection to more types of data, covering a broader range of businesses and introducing new regulations regarding consent to collect information and children’s privacy rights. More information on these changes will be available as the draft legislation is refined into law.
At its core, data privacy revolves around the idea of individual control over personal information. Customers should have the right to know what personal information is being collected about them, how that information is used, and whether or not that information is shared with third parties.
One of the most pressing issues in data privacy is the potential for misuse of personal or sensitive information. As a business, it’s a good to practice data minimisation: collect only the information you specifically require for your business needs. Public awareness of data privacy issues is also increasing, particularly in light of
breaches and other unauthorized access, making it essential to strike a balance between business innovation and individual protection.
Take some time to evaluate your company practices, and take the following into consideration:
• What sort of data do you hold about your customers?
• What is the life cycle for the data you hold?
• Does your privacy policy include a clear way for customers to contact your business regarding the data you hold?
• What is your response plan in the event of a data breach?
For businesses both in and outside of
Australia, a proactive approach to responsibly handling personal information will help maintain customer trust and keep you on the right side of the law.